As I understand it (which is also rather little), the "interpretation" you are talking about is just for portability. When the application starts up, it asks the driver to compile it for whatever the hardware is and then the application copies that to the video memory for execution. There are limitations around what that can do, but only because of limitations of the GPU instruction set (not sure of the current state but they historically avoided things like loops, etc, since they never wanted it to be possible to execute more than a statically-determined number of instructions for element).
If you are allowed to copy data to the card (as most software is), then you could either use the driver's compiler or just copy a pre-built binary and try running that.
There is little in terms of actual security once you are on the card. This is part of why one application can often read another's framebuffer or why an illegal instruction requires restarting the entire card (typically).